Merge commit 'f1d4be1e7509f795706ff2310c5fc36e0e79bf4d' into glitch-soc/merge-upstream

2025-12-24 19:37:26 +00:00 · 2025-02-18 20:38:57 +01:00
parent e0b7ecfb0b f1d4be1e75
commit f3bc50778b
48 changed files with 1053 additions and 896 deletions
--- a/spec/controllers/settings/two_factor_authentication/recovery_codes_controller_spec.rb
+++ b/spec/controllers/settings/two_factor_authentication/recovery_codes_controller_spec.rb
@@ -1,30 +0,0 @@
-# frozen_string_literal: true
-
-require 'rails_helper'
-
-RSpec.describe Settings::TwoFactorAuthentication::RecoveryCodesController do
-  render_views
-
-  describe 'POST #create' do
-    it 'updates the codes and shows them on a view when signed in' do
-      user = Fabricate(:user)
-      otp_backup_codes = user.generate_otp_backup_codes!
-      allow(user).to receive(:generate_otp_backup_codes!).and_return(otp_backup_codes)
-      allow(controller).to receive(:current_user).and_return(user)
-
-      sign_in user, scope: :user
-      post :create, session: { challenge_passed_at: Time.now.utc }
-
-      expect(flash[:notice]).to eq 'Recovery codes successfully regenerated'
-      expect(response).to have_http_status(200)
-      expect(response).to render_template(:index)
-      expect(response.body)
-        .to include(*otp_backup_codes)
-    end
-
-    it 'redirects when not signed in' do
-      post :create
-      expect(response).to redirect_to '/auth/sign_in'
-    end
-  end
-end
--- a/spec/controllers/settings/two_factor_authentication_methods_controller_spec.rb
+++ b/spec/controllers/settings/two_factor_authentication_methods_controller_spec.rb
@@ -1,79 +0,0 @@
-# frozen_string_literal: true
-
-require 'rails_helper'
-
-RSpec.describe Settings::TwoFactorAuthenticationMethodsController do
-  render_views
-
-  context 'when not signed in' do
-    describe 'GET to #index' do
-      it 'redirects' do
-        get :index
-
-        expect(response).to redirect_to '/auth/sign_in'
-      end
-    end
-  end
-
-  context 'when signed in' do
-    let(:user) { Fabricate(:user) }
-
-    before do
-      sign_in user, scope: :user
-    end
-
-    describe 'GET #index' do
-      describe 'when user has enabled otp' do
-        before do
-          user.update(otp_required_for_login: true)
-          get :index
-        end
-
-        it 'returns http success with private cache control headers', :aggregate_failures do
-          expect(response).to have_http_status(200)
-          expect(response.headers['Cache-Control']).to include('private, no-store')
-        end
-      end
-
-      describe 'when user has not enabled otp' do
-        before do
-          user.update(otp_required_for_login: false)
-          get :index
-        end
-
-        it 'redirects to enable otp' do
-          expect(response).to redirect_to(settings_otp_authentication_path)
-        end
-      end
-    end
-
-    describe 'POST to #disable' do
-      before do
-        user.update(otp_required_for_login: true)
-      end
-
-      context 'when user has not passed challenge' do
-        it 'renders challenge page' do
-          post :disable
-
-          expect(response).to have_http_status(200)
-          expect(response).to render_template('auth/challenges/new')
-        end
-      end
-
-      context 'when user has passed challenge' do
-        before do
-          mailer = instance_double(ApplicationMailer::MessageDelivery, deliver_later!: true)
-          allow(UserMailer).to receive(:two_factor_disabled).with(user).and_return(mailer)
-        end
-
-        it 'redirects to settings page' do
-          post :disable, session: { challenge_passed_at: 10.minutes.ago }
-
-          expect(UserMailer).to have_received(:two_factor_disabled).with(user)
-          expect(response).to redirect_to(settings_otp_authentication_path)
-        end
-      end
-    end
-  end
-end